from __future__ import annotations

import re


SENSITIVE_PATTERNS = (
    re.compile(r"(PVEAPIToken=)[^\s]+", re.IGNORECASE),
    re.compile(r"(PBSAPIToken=)[^\s]+", re.IGNORECASE),
    re.compile(r"([A-Z0-9_]*TOKEN_SECRET=)[^\s,;]+", re.IGNORECASE),
    re.compile(r"(password=)[^\s,;]+", re.IGNORECASE),
    re.compile(r"(secret=)[^\s,;]+", re.IGNORECASE),
)


def sanitize_message(value: object) -> str:
    message = str(value).replace("\n", " ").strip()
    for pattern in SENSITIVE_PATTERNS:
        message = pattern.sub(r"\1***", message)
    return message